US10521600B2ActiveUtilityA1

Reconfigurable system-on-chip security architecture

68
Assignee: UNIV FLORIDAPriority: Dec 13, 2017Filed: Dec 13, 2017Granted: Dec 31, 2019
Est. expiryDec 13, 2037(~11.4 yrs left)· nominal 20-yr term from priority
G06F 30/34G06F 13/28G06F 21/62G06F 2213/0038G06F 21/76G06F 17/5054
68
PatentIndex Score
2
Cited by
3
References
20
Claims

Abstract

Aspects of system-on-chip (SoC) security architecture that supports systematic and efficient implementation, validation, and in-field upgrade of security policies are described. In one example, an apparatus can include at least one intellectual property (IP) core, a centralized reconfigurable security policy engine (RSPE) and at least one security wrapper. The RSPE implements actionable constraint based on a security policy and at least one event frame. A security wrapper is associated with an IP core. The security wrapper is configured to communicate an event frame to the RSPE in response to an event.

Claims

exact text as granted — not AI-modified
Therefore, the following is claimed: 
     
       1. A system-on-chip, comprising:
 an intellectual property (IP) core; 
 a reconfigurable security policy engine (RSPE) comprising a field-programmable gate array (FPGA) circuit, wherein the RSPE implements at least one action based at least in part on an evaluation of at least one event frame and configuration data that describes at least one security policy; 
 a security wrapper for the IP core comprising at least one wrapper cell, the security wrapper being communicatively coupled to the RSPE and configured to communicate an event frame to the RSPE in response to an event; and 
 a design-for-debug (DfD) infrastructure comprising a local DfD module for the IP core, wherein the DfD infrastructure interfaces with the RSPE and security wrappers, and is configured to detect the event and communicate event data to the security wrapper in response to detection of the event. 
 
     
     
       2. The system-on-chip of  claim 1 , wherein the security wrapper is configured by the RSPE at boot time based at least in part on the at least one security policy. 
     
     
       3. The system-on-chip of  claim 1 , wherein the event frame is a first event frame, the system-on-chip further comprising:
 a second IP core; and 
 a security wrapper for the second IP core that is configured to communicate a second event frame to the RSPE in response to a second event, wherein the evaluation of the at least one event frame comprises evaluating the first event frame and the second event frame. 
 
     
     
       4. The system-on-chip of  claim 1 , wherein the RSPE evaluates a security state based at least in part on a pareto-optimal mapping of the at least one security policy and the event frame. 
     
     
       5. The system-on-chip of  claim 1 , wherein the DfD infrastructure utilizes a port for event data that is different from a debug trace port of the DfD infrastructure. 
     
     
       6. The system-on-chip of  claim 1 , wherein instructions for the DfD infrastructure to detect the event and communicate the event data to the security wrapper are communicated by the RSPE using an interface of the DfD infrastructure in order to configure the DfD infrastructure. 
     
     
       7. The system-on-chip of  claim 1 , further comprising a memory that stores the configuration data, wherein the configuration data comprises a bitstream that configures the FPGA circuit or a bytestream that configures the FPGA circuit. 
     
     
       8. The system-on-chip of  claim 1 , wherein the at least one action causes a wrapper cell to disable access to a register based at least in part on the at least one event frame. 
     
     
       9. A method, comprising:
 detect an event using a design-for-debug (DfD) infrastructure comprising a local DfD module for an intellectual property (IP) core, wherein the DfD infrastructure provides event data to at least one security wrapper based on the event being detected; 
 communicating at least one event frame from the at least one security wrapper of a plurality of security wrappers to a reconfigurable security policy engine (RSPE) comprising a field-programmable gate array (FPGA), wherein the plurality of security wrappers are configured to detect at least one event and communicate the at least one event frame; 
 evaluating, by the RSPE, a security state based at least in part on a mapping of at least one security policy and the at least one event frame from the at least one security wrapper of the plurality of security wrappers; and 
 implementing, by the RSPE, at least one action in response to evaluating the security state, wherein the at least one action is implemented by generating an output control signal. 
 
     
     
       10. The method of  claim 9 , wherein the output control signal embodies instructions from the RSPE to a particular security wrapper of the plurality of security wrappers. 
     
     
       11. The method of  claim 9 , further comprising generating the mapping based at least in part on a selection of a subset of a plurality of pareto-optimal mapping solutions associated with the at least one security policy. 
     
     
       12. The method of  claim 9 , further comprising:
 receiving, by the RSPE, an update that comprises an updated mapping; and 
 reconfiguring, by the RSPE, at least one of the plurality of security wrappers to detect an event that is associated with the update. 
 
     
     
       13. An apparatus, comprising:
 at least one IP core; 
 a reconfigurable security policy engine (RSPE) comprising a field-programmable gate array (FPGA) circuit, wherein the RSPE implements at least one action based at least in part on at least one event frame and configuration data that describes at least one security policy; 
 at least one security wrapper associated with the at least one IP core, the at least one security wrapper being configured to communicate the at least one event frame to the RSPE in response to at least one event; and 
 a design-for-debug (DfD) infrastructure comprising a respective DfD module for the at least one IP core, wherein the DfD infrastructure is configured to detect the at least one event and communicate event data to a particular security wrapper of the at least one security wrapper. 
 
     
     
       14. The apparatus of  claim 13 , wherein the at least one security wrapper is configured by the RSPE at boot time based at least in part on the at least one security policy. 
     
     
       15. The apparatus of  claim 13 , wherein the at least one IP core comprises:
 a first IP core, wherein a first security wrapper for the first IP core is configured to communicate a first event frame to the RSPE in response to a first event; 
 a second IP core, wherein a second security wrapper for the second IP core is configured to communicate a second event frame to the RSPE in response to a second event; and 
 wherein the RSPE implements the at least one action based at least in part on the at least one security policy, the first event frame, and the second event frame. 
 
     
     
       16. The apparatus of  claim 13 , wherein the RSPE evaluates a security state based at least in part on a pareto-optimal mapping of the at least one security policy and the at least one event frame. 
     
     
       17. The apparatus of  claim 13 , wherein the DfD infrastructure utilizes a port for event data that is different from a debug trace port. 
     
     
       18. The apparatus of  claim 13 , wherein instructions for the DfD infrastructure to detect the event and communicate the event data to the particular security wrapper are communicated by the RSPE using an interface of the DfD infrastructure in order to configure the DfD infrastructure. 
     
     
       19. The apparatus of  claim 13 , further comprising a memory that stores the configuration data, wherein the configuration data comprises a bitstream that configures the FPGA circuit or a bytestream that configures the FPGA circuit. 
     
     
       20. The apparatus of  claim 13 , wherein the at least one action causes a security wrapper of the at least one security wrapper to disable access to at least one register based at least in part on the at least one event frame.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.